Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FIX - Frontend Config Role Issue while switching from Cognito Idp to Custom Auth #938

Merged
merged 24 commits into from
Jan 2, 2024
Merged

FIX - Frontend Config Role Issue while switching from Cognito Idp to Custom Auth #938

merged 24 commits into from
Jan 2, 2024

Conversation

TejasRGitHub
Copy link
Contributor

Feature or Bugfix

  • Bugfix

Detail

Added Conditional statement on using appropriate role when setting data.all with custom auth versus cognito.

Relates

#937

Security

Please answer the questions below briefly where applicable, or write N/A. Based on
OWASP 10.

  • Does this PR introduce or modify any input fields or queries - this includes
    fetching data from storage outside the application (e.g. a database, an S3 bucket)? N/A
    • Is the input sanitized?
    • What precautions are you taking before deserializing the data you consume?
    • Is injection prevented by parametrizing queries?
    • Have you ensured no eval or similar functions are used?
  • Does this PR introduce any functionality or component that requires authorization? N/A
    • How have you ensured it respects the existing AuthN/AuthZ mechanisms?
    • Are you logging failed auth attempts?
  • Are you using or adding any cryptographic features? N/A
    • Do you use a standard proven implementations?
    • Are the used keys controlled by the customer? Where are they stored?
  • Are you introducing any new policies/roles/users? N/A
    • Have you used the least-privilege principle? How?

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

TejasRGitHub and others added 24 commits December 1, 2023 11:05
@TejasRGitHub
Backend and Frontend Changes For External Idp Changes
ed8b16f
Merge branch 'main' of https://github.com/TejasRGitHub/aws-dataall
93e64fe 
Changes from Open Source
@TejasRGitHub
Backend and Frontend Changes For External Idp Changes -1
89af5ab
Merge branch 'main' of https://github.com/TejasRGitHub/aws-dataall
684ed18 
Merged From Open source
@TejasRGitHub
Backend and Frontend Changes For External Idp Changes - 2
f173c2a
@TejasRGitHub
semgrep and linting corrections
0f4b88e
@TejasRGitHub
npm audit corrections
e844dae
@TejasRGitHub
npm audit corrections - 1
e39f7ab
Resolving Merge Conflicts
0bba194
@TejasRGitHub
Resolved Merged Conflicts and added for tests
f67153f
Merge branch 'main' of https://github.com/TejasRGitHub/aws-dataall
ee21ca4 
New Changed Merged
@TejasRGitHub
Fixing Semgrep Error in Frontend
622b923
@TejasRGitHub
Added Redirect URL as a config
83d482b
@TejasRGitHub
Addressing Changes from review comments
e940a6c
@TejasRGitHub
Minor Corections
393a282
@TejasRGitHub
Frontend Global Imports, Backend Validation for custom auth params an…
6f3aee3 
…d alb frontend changes as per custom auth
@TejasRGitHub
Mergin Files from Open source
692e5be
@TejasRGitHub
Addressing review comments - Minor backend deploy changes and fixing …
4cf5f7d 
…naming conventiosn and added guardrails
@TejasRGitHub
user id check from context in resolver function. Fixed tests
bea1836
@TejasRGitHub
Added Guardrails for user id and few frontend linter fixes
92cf30c
@TejasRGitHub
Adding Policy for frontend deployment
09a9a06
@TejasRGitHub
Synching Upstrem and resolving merge conflicts
74c2576
@TejasRGitHub
Using Different configs roles as per custom auth config
9e98e88
@TejasRGitHub
Removing extra new lines
82be94b
@noah-paige noah-paige self-requested a review January 2, 2024 16:14
@noah-paige
Copy link
Contributor

noah-paige commented Jan 2, 2024
edited
Loading

Testing the PR for both an Custom Auth and Cognito Deployment:

  • CICD Pipeline Succeeds
  • frontend config role created for Custom Auth
  • cognito config role created for Cognito Auth
  • Access data.all frontend post-update

I think we can optimize some of the logic between custom auth deployments and default cognito auth deployments as an enhancement since it is not super straightforward.

I would be inclined to do so at the same time or after we get user guide deployed with custom auth patterns so the resources defined for using different auth patterns are quite similar.

For now this PR looks good and I will approve as is, thanks!

noah-paige
noah-paige approved these changes Jan 2, 2024
View reviewed changes
Copy link
Contributor

@noah-paige noah-paige left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tested and lgtm, approving

@noah-paige noah-paige merged commit ef966d8 into data-dot-all:main Jan 2, 2024
9 checks passed
@noah-paige noah-paige linked an issue Jan 4, 2024 that may be closed by this pull request
Frontend role creation error out on Cloudformation when switching from Cognito to Custom Auth #937
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@noah-paige noah-paige noah-paige approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Frontend role creation error out on Cloudformation when switching from Cognito to Custom Auth
2 participants
@TejasRGitHub @noah-paige